General

  • Target

    230901-wwrmcagh39_pw_infected.zip

  • Size

    6.4MB

  • Sample

    230902-h5sn4sbd3s

  • MD5

    55501a20f55c15bcec9e50101e9e3bb1

  • SHA1

    2d98c84a6002838f84b61eaf8c921daaeaf09a0e

  • SHA256

    17188840e0be125d91b563f879529132aad5bbd5a74ac10065216d55514ede53

  • SHA512

    04e9648ab2ef24bb7dbfbab822281de8f8a287ff1ec1e8154ab77936cb872848289ddaa10147450cac37f828ce3bf2f3d95134ed3060496b36417903f08f916a

  • SSDEEP

    196608:HPEI85ib5l6tMiLVcbgaYUVcVhX13yXv6Pq1pENN:HPEi5l6t/VhGiPfN

Score
9/10

Targets

    • Target

      526613447e3fab1375062a6cd1a92f9494d712f1384f850ef46f364a6cc1a411.bin

    • Size

      6.6MB

    • MD5

      c624568e033887437008f25588e3d9ce

    • SHA1

      86a6e0446fbd19a7a9bbd097bcd0de4f8d41f8d9

    • SHA256

      526613447e3fab1375062a6cd1a92f9494d712f1384f850ef46f364a6cc1a411

    • SHA512

      8b195760bed271a00ca615a36d8c50c9feac6328c8061ec3340c716177c61e79fd84c5c1665a2b4cee2fcb537c54501c25173476b9970409ebdfa8be7218006a

    • SSDEEP

      196608:2ESpuhPRSIIlKBX0EOJ7+n22Ze0+4O9D0FT:8uxstlKBX0EQaZS40Ql

    Score
    9/10
    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

    • Drops startup file

    • Suspicious use of NtSetInformationThreadHideFromDebugger
